If we have said it once we have said it one hundred times — sometimes that many times in a day. Passwords matter? Why do passwords matter? I’ll give you at least 1 reason — government security breach that is happening right now.
In case you haven’t heard, there was a breach in governmental agencies. Yes, Russian hackers got in, but do you know how and why? Because one of its vendors, Solar Winds, failed to do the one basic task required of everyone who does anything on the internet — they didn’t have strong passwords.
Why Do Passwords Matter?
In fact, they knew more than a year ago that its password was weak. Are you ready for this? The password of a vendor that works with the U.S. government used the password, “solarwinds123.” In an article on TechDirt, written by Tim Cushing, he wrote, to the effect that, “this password was so simple an idiot could have written it.” In fact, the password was so simple that SolarWinds might as well have thrown open the virtual doors and invited hackers in — oh, wait, they did that.
The Russian hackers that broke in didn’t have to try very hard.
As it was written in the article and we agree, “OMFG” and someone should be fired at SolarWinds. With a password like “solarwinds123” this individual or individuals opened the door to the company and not only compromised it — but every business connected to it.
Once someone hacked into SolarWinds, it was only a matter of time and it was quite easy for that person to get into customers of SolarWinds — and that included its more than 300,000 customers and all five branches of the U.S. Military. “This, honestly is treasonous behavior,” Seth Melendez, CEO of WareGeeks Solutions said, “Ambivalence is the worse detriment in the human factor at work here with this breach. This — ambivalence — is more harmful than people in an organization who are mad at their employer and want to get back at them.”
When the Russians came in, Melendez said, all they had to do was walk up to the door — the door was essentially open.
Melendez said, “Anyone working with government vendors should be — and need to be — held to a higher standard and scrutinized. This company showed no accountability and apparently didn’t audit their own systems.”
You can read the entire article on TechDirt here.
Protect yourself from hackers with our tips here.
Download our Free password tip worksheet here.